Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
acl vulnerabilities and exploits
(subscribe to this query)
436
VMScore
CVE-2021-39234
In Apache Ozone versions before 1.2.0, Authenticated users knowing the ID of an existing block can craft specific request allowing access those blocks, bypassing other security checks like ACL.
Apache Ozone
755
VMScore
CVE-2004-0189
The "%xx" URL decoding function in Squid 2.5STABLE4 and previous versions allows remote malicious users to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against th...
Squid Squid 2.4 Stable7
Squid Squid 2.5 Stable3
Squid Squid 2.0 Patch2
Squid Squid 2.1 Patch2
Squid Squid 2.3 Stable5
Squid Squid 2.4
Squid Squid 2.5 Stable4
1 EDB exploit
655
VMScore
CVE-2019-1003001
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and previous versions in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/R...
Jenkins Pipeline\\ Groovy
Redhat Openshift Container Platform 3.11
1 EDB exploit
1 Github repository
655
VMScore
CVE-2019-1003002
A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and previous versions in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permission to provide a pi...
Jenkins Pipeline\\ Declarative
Redhat Openshift Container Platform 3.11
1 EDB exploit
1 Github repository
187
VMScore
CVE-2020-15393
In the Linux kernel 4.4 up to and including 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.
Linux Linux Kernel
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
578
VMScore
CVE-2018-17196
In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce request which bypasses transaction/idempotent ACL validation. Only authenticated clients with Write permission on the respective topics are able to exploit this vulnerability. Users sh...
Apache Kafka
1 Github repository
231
VMScore
CVE-2011-1499
acl.c in Tinyproxy prior to 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote malicious users to hide the origin of web traffic by leveraging the open HTTP proxy server.
Banu Tinyproxy 1.7.1
Banu Tinyproxy 1.7.0
Banu Tinyproxy 1.6.0
Banu Tinyproxy 1.5.0
Banu Tinyproxy 1.5.1
Banu Tinyproxy
Banu Tinyproxy 1.6.2
Banu Tinyproxy 1.5.3
Banu Tinyproxy 1.8.1
Banu Tinyproxy 1.8.0
Banu Tinyproxy 1.6.4
Banu Tinyproxy 1.6.3
Banu Tinyproxy 1.6.5
Banu Tinyproxy 1.6.1
Banu Tinyproxy 1.5.2
Debian Debian Linux 6.0
409
VMScore
CVE-2019-13164
qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.
Qemu Qemu 3.1
Qemu Qemu 4.0.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
436
VMScore
CVE-2020-12771
An issue exists in the Linux kernel up to and including 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.
Linux Linux Kernel
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Hci Bootstrap Os -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
662
VMScore
CVE-2019-1003000
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and previous versions in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the ...
Jenkins Script Security
Redhat Openshift Container Platform 3.11
2 EDB exploits
6 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »